org.eclipse.userstorage/src/org/eclipse/userstorage/internal/CredentialedSession.java - usssdk/org.eclipse.usssdk - Git at Google

 /*
  * Copyright (c) 2015 Eike Stepper (Berlin, Germany) and others.
  * This program and the accompanying materials are made
  * available under the terms of the Eclipse Public License 2.0
  * which is available at https://www.eclipse.org/legal/epl-2.0/
  *
  * SPDX-License-Identifier: EPL-2.0
  *
  * Contributors:
  *    Eike Stepper - initial API and implementation
  *    Manumitting Technologies Inc - refactoring and implementation
  */
 package org.eclipse.userstorage.internal;

 import org.eclipse.userstorage.IStorageService;
 import org.eclipse.userstorage.internal.util.JSONUtil;
 import org.eclipse.userstorage.internal.util.StringUtil;
 import org.eclipse.userstorage.spi.Credentials;
 import org.eclipse.userstorage.spi.ICredentialsProvider;

 import org.apache.http.HttpEntity;
 import org.apache.http.HttpResponse;
 import org.apache.http.client.fluent.Request;

 import java.io.IOException;
 import java.io.InputStream;
 import java.net.URI;
 import java.util.LinkedHashMap;
 import java.util.Map;

 /**
  * A session that is based around user/password authentication
  */
 public class CredentialedSession extends Session
 {
   private String sessionID;

   private String csrfToken;

   public CredentialedSession(IStorageService service, ICredentialsProvider credentialsProvider)
   {
     super(service, credentialsProvider);
   }

   @Override
   protected URI getServiceURI()
   {
     return StringUtil.newURI(service.getServiceURI(), "api/blob/");
   }

   @Override
   public void reset()
   {
     sessionID = null;
     csrfToken = null;
     super.reset();
   }

   @Override
   protected Credentials authenticate(Credentials credentials, boolean reauthentication) throws IOException
   {
     if (sessionID == null)
     {
       reset();

       HttpEntity responseEntity = null;

       try
       {
         credentials = provideCredentials(credentials, reauthentication);

         Map<String, Object> arguments = new LinkedHashMap<String, Object>();
         arguments.put("username", credentials.getUsername());
         arguments.put("password", credentials.getPassword());

         URI uri = StringUtil.newURI(service.getServiceURI(), "api/user/login");

         Request request = configureRequest(Request.Post(uri), uri);
         InputStream body = JSONUtil.build(arguments);
         request.bodyStream(body);

         HttpResponse response = sendRequest(request, uri);
         responseEntity = response.getEntity();

         getStatusCode("POST", uri, response, OK);

         Map<String, Object> object = JSONUtil.parse(responseEntity.getContent(), null);

         sessionID = (String)object.get("sessid");
         if (sessionID == null)
         {
           throw new IOException("No session ID");
         }

         csrfToken = (String)object.get("token");
       }
       catch (IOException ex)
       {
         reset();
         debugResponseEntity(responseEntity);
         throw ex;
       }
     }

     acquireCSRFToken(credentials);
     return credentials;
   }

   protected final void acquireCSRFToken(Credentials credentials) throws IOException
   {
     if (csrfToken == null)
     {
       HttpEntity responseEntity = null;

       try
       {
         URI uri = StringUtil.newURI(service.getServiceURI(), "api/user/token");

         Request request = configureRequest(Request.Post(uri), uri);
         HttpResponse response = sendRequest(request, uri);
         responseEntity = response.getEntity();

         Map<String, Object> object = JSONUtil.parse(responseEntity.getContent(), null);

         csrfToken = (String)object.get("token");
         if (csrfToken == null)
         {
           throw new IOException("No CSRF token");
         }
       }
       catch (IOException ex)
       {
         csrfToken = null;

         debugResponseEntity(responseEntity);

         throw ex;
       }
     }
   }

   @Override
   protected Request configureRequest(Request request, URI uri)
   {
     if (csrfToken != null)
     {
       request.setHeader(CSRF_TOKEN, csrfToken);
     }
     return super.configureRequest(request, uri);
   }
 }
	/*
	* Copyright (c) 2015 Eike Stepper (Berlin, Germany) and others.
	* This program and the accompanying materials are made
	* available under the terms of the Eclipse Public License 2.0
	* which is available at https://www.eclipse.org/legal/epl-2.0/
	*
	* SPDX-License-Identifier: EPL-2.0
	*
	* Contributors:
	* Eike Stepper - initial API and implementation
	* Manumitting Technologies Inc - refactoring and implementation
	*/
	package org.eclipse.userstorage.internal;

	import org.eclipse.userstorage.IStorageService;
	import org.eclipse.userstorage.internal.util.JSONUtil;
	import org.eclipse.userstorage.internal.util.StringUtil;
	import org.eclipse.userstorage.spi.Credentials;
	import org.eclipse.userstorage.spi.ICredentialsProvider;

	import org.apache.http.HttpEntity;
	import org.apache.http.HttpResponse;
	import org.apache.http.client.fluent.Request;

	import java.io.IOException;
	import java.io.InputStream;
	import java.net.URI;
	import java.util.LinkedHashMap;
	import java.util.Map;

	/**
	* A session that is based around user/password authentication
	*/
	public class CredentialedSession extends Session
	{
	private String sessionID;

	private String csrfToken;

	public CredentialedSession(IStorageService service, ICredentialsProvider credentialsProvider)
	{
	super(service, credentialsProvider);
	}

	@Override
	protected URI getServiceURI()
	{
	return StringUtil.newURI(service.getServiceURI(), "api/blob/");
	}

	@Override
	public void reset()
	{
	sessionID = null;
	csrfToken = null;
	super.reset();
	}

	@Override
	protected Credentials authenticate(Credentials credentials, boolean reauthentication) throws IOException
	{
	if (sessionID == null)
	{
	reset();

	HttpEntity responseEntity = null;

	try
	{
	credentials = provideCredentials(credentials, reauthentication);

	Map<String, Object> arguments = new LinkedHashMap<String, Object>();
	arguments.put("username", credentials.getUsername());
	arguments.put("password", credentials.getPassword());

	URI uri = StringUtil.newURI(service.getServiceURI(), "api/user/login");

	Request request = configureRequest(Request.Post(uri), uri);
	InputStream body = JSONUtil.build(arguments);
	request.bodyStream(body);

	HttpResponse response = sendRequest(request, uri);
	responseEntity = response.getEntity();

	getStatusCode("POST", uri, response, OK);

	Map<String, Object> object = JSONUtil.parse(responseEntity.getContent(), null);

	sessionID = (String)object.get("sessid");
	if (sessionID == null)
	{
	throw new IOException("No session ID");
	}

	csrfToken = (String)object.get("token");
	}
	catch (IOException ex)
	{
	reset();
	debugResponseEntity(responseEntity);
	throw ex;
	}
	}

	acquireCSRFToken(credentials);
	return credentials;
	}

	protected final void acquireCSRFToken(Credentials credentials) throws IOException
	{
	if (csrfToken == null)
	{
	HttpEntity responseEntity = null;

	try
	{
	URI uri = StringUtil.newURI(service.getServiceURI(), "api/user/token");

	Request request = configureRequest(Request.Post(uri), uri);
	HttpResponse response = sendRequest(request, uri);
	responseEntity = response.getEntity();

	Map<String, Object> object = JSONUtil.parse(responseEntity.getContent(), null);

	csrfToken = (String)object.get("token");
	if (csrfToken == null)
	{
	throw new IOException("No CSRF token");
	}
	}
	catch (IOException ex)
	{
	csrfToken = null;

	debugResponseEntity(responseEntity);

	throw ex;
	}
	}
	}

	@Override
	protected Request configureRequest(Request request, URI uri)
	{
	if (csrfToken != null)
	{
	request.setHeader(CSRF_TOKEN, csrfToken);
	}
	return super.configureRequest(request, uri);
	}
	}